stephen.schaubach writes: While checking out Google's Android app store I searched for a banking app to use with my bank. I was surprised to see three mobile apps listed and none of them released from the bank itself. I cannot say what any of these apps are doing behind the scenes for sure but the mobile app could certainly swipe your credentials and connect you to the bank at the same time a lot more convincingly than any phishing site could. Is this the beginning of mobile app phishing? It's hard to believe nobody at the app store end is checking to see if the app has been legitimately released/signed from the actual bank it's representing. It makes me wonder what other apps are out there mining people's personal data, phishing, etc. and what can be done about this potential risk to safeguard the general public? Has anyone else run into similar situations? Anti-phishing software like Nokia's Free Anti-Phishing app or mobile Safari's similar feature wouldn't protect the mobile user from an application doing something in via code behind the scenes. Perhaps only a code walk-through or a legit certificate would remedy this situation. Any thoughts?
gollum123 writes: "From Time, After six years of childless marriage, John and Cynthia Burke of Newark decided to adopt a baby boy through a state agency ( http://www.time.com/time/magazine/article/0,9171,877155,00.html ) . John Burke, an atheist, and his wife, a pantheist, left the line for religious affiliation blank on the forms. Superior Court Judge William Camarata raised the religious issue. Inestimable Privilege. In an extraordinary decision, Judge Camarata denied the Burkes' right to the child because of their lack of belief in a Supreme Being. Despite the Burkes' "high moral and ethical standards," he said, the New Jersey state constitution declares that "no person shall be deprived of the inestimable privilege of worshiping Almighty God in a manner agreeable to the dictates of his own conscience." Despite Eleanor Katherine's tender years, he continued, "the child should have the freedom to worship as she sees fit, and not be influenced by prospective parents who do not believe in a Supreme Being." Two weeks ago, aided by the American Civil Liberties Union, the Burkes appealed directly to the New Jersey Supreme Court, which agreed to hear the case. If they fail in their appeal, Eleanor Katherine may have to leave the only family she has ever known and await adoption by another couple whose religious convictions satisfy the State of New Jersey."
anthrax writes: "Completely ignoring Congress and public comments, the FCC voted to relax ownership rules which prevented broadcasters from owning newspapers in the nation's 20 largest media markets. After holding several public hearings that overwhelmingly opposed the relaxation or the rules, and Congressional hearing where Democratic and Republican (even Ted "The Internet is Tubes" Stevens) voiced opposition to the move, the FCC voted 3 to 2 to change the rules. Not hard guessing the political affiliation of the votes."
SkiifGeek writes: "Late last week the SquirrelMail team posted information on their site about a compromise to the main download repository for SquirrelMail that resulted in a critical flaw being introduced into two versions of the webmail application (1.4.11 and 1.4.12).
After gaining access to the repository through a release maintainer's compromised account (it is believed), the attackers made a slight modification to the release packages, modifying how a PHP global variable was handled. As a result, it introduced a remote file inclusion bug — leading to an arbitrary code execution risk on systems running the vulnerable versions of SquirrelMail.
The poisoning was identified after it was reported to the SquirrelMail team that there was a difference in MD5 signatures for version 1.4.12.
walterbyrd writes: "Blog post from Allan Packer (author of Configuring and Tuning Databases on the Solaris Platform) discuses the likelihood of MySQL, PostgreSQL et al challenging Oracle, IBM and Microsoft."